Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-10030

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2014-10030
Last Modified 13 Jan 2015 07:32:03
Published 13 Jan 2015 06:59:36
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-10030

Summary

Open redirect vulnerability in forums/login.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.

Vulnerable Systems

Application

  • Fluxbb 1.4.11

  • Fluxbb 1.5.0

  • Fluxbb 1.5.1

  • Fluxbb 1.5.2

  • Fluxbb 1.5.3

  • Fluxbb 1.5.4

  • Fluxbb 1.5.5

  • Fluxbb 1.5.6


References

CONFIRM - https://fluxbb.org/development/core/tickets/961/

CONFIRM - http://fluxbb.org/forums/viewtopic.php?id=8001


Last Updated: 27 May 2016 11:07:31